Inkscape fails to start
- Found in: 1.19 on Ubuntu feisty
Inkscape uses the Boehm garbage collector which wants to open /proc/self/stat in order to find the start address of the stack.
$ pola-run -B --x11 -e inkscape ** (process:4655): WARNING **: GC Warning: Couldn't read /proc/stat ** (process:4655): WARNING **: GC Warning: GC_get_nprocs() returned -1 Couldn't read /proc/self/stat
If granted access to /proc, it segfaults:
$ pola-run -B --x11 -f /proc -e inkscape $ pola-run -B --x11 -f /proc -e strace inkscape ... --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV (core dumped) +++
Note that pola-run returns a non-zero exit code but it doesn't print anything to indicate that the subprocess died from a signal (SIGSEGV in this case). Maybe this should be changed.
Granting access to /proc doesn't work because inkscape will see the ServerProcess's /proc/self/stat instead of the correct values for its own process. This used to work by accident, probably before the position of the stack was randomised by the kernel.
The GC could be changed to use __libc_stack_end instead of /proc/self/stat. See this thread: Patch for __libc_stack_end (Mike Hearn). However, the patch was not applied.
grsecurity also hit this problem: Restrictions on /proc/<pid>/[maps|stat - relax for /proc/self? (Kevin F. Quinn)]